Vulnerability CVE-2019-13045: Information
Description
Irssi before 1.0.8, 1.1.x before 1.1.3, and 1.2.x before 1.2.1, when SASL is enabled, has a use after free when sending SASL login to the server.
Severity: HIGH (8.1) Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
|---|---|---|---|---|---|---|
| irssi | sisyphus | 1.2.2-alt1 | 1.2.2-alt1 | ALT-PU-2020-3468-1 | 263095 | Fixed |
| irssi | p10 | 1.2.2-alt1 | 1.2.2-alt1 | ALT-PU-2020-3468-1 | 263095 | Fixed |
| irssi | p9 | 1.2.2-alt1 | 1.2.2-alt1 | ALT-PU-2020-3488-1 | 263100 | Fixed |
| irssi | c10f1 | 1.2.2-alt1 | 1.2.2-alt1 | ALT-PU-2020-3468-1 | 263095 | Fixed |
| irssi | c9f2 | 1.2.2-alt1 | 1.2.2-alt1 | ALT-PU-2024-3802-3 | 342505 | Fixed |
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
|---|---|
| https://github.com/irssi/irssi/commit/d23b0d22cc611e43c88d99192a59f413f951a955 |
|
| https://irssi.org/security/irssi_sa_2019_06.txt |
|
| [oss-security] 20190629 Irssi 1.2.1/1.1.3/1.0.8: CVE-2019-13045 |
|
| 20190630 [slackware-security] irssi (SSA:2019-180-01) |
|
| http://packetstormsecurity.com/files/153480/Slackware-Security-Advisory-irssi-Updates.html |
|
| openSUSE-SU-2019:1690 |
|
| 108998 | |
| USN-4046-1 | |
| openSUSE-SU-2019:1894 |